LeakedIn.org - check if your password was leaked

**Sysman** · 7 June 2012, 14:01

Originally posted by NickFitz View Post

Anyway, at the time the file was created, mine still hadn't been broken, unlike 3,521,180 out of the 6,143,150 in there

That's the key point. Just because my password didn't show up as being cracked doesn't mean that it's not on a list still waiting to be processed.

Fortunately I've been generating unique passwords for new sites for at least a couple of years.

**Sysman** · 7 June 2012, 14:12

Originally posted by escapeUK View Post

You really typed your password into that website? Well if it wasnt leaked it could be now. (Assuming it wasnt already)

Yep. After I had updated LinkedIn with a new password.

**Sysman** · 7 June 2012, 14:17

Originally posted by k2p2 View Post

Names (mostly girls') were pretty common, as were various varieties of booze.

Yep. We wanted to get into an accounts package once when the boss was unreachable (missing, presumed drunk).

I'd been wittering at him for a while not to use his wife's or daughter's names.

It didn't take many tries to get in.

**russell** · 7 June 2012, 14:18

WGAS anyway, if someone logs into your linkedin and changes your CV. A lot of people think highly of themselves, a hacker will not be interested in the average moron on LinkedIn, and if you used the same password for other sites then you deserve to be hacked.

**Sysman** · 7 June 2012, 14:19

Originally posted by Pondlife View Post

I've just changed mine to wanttoseemytits too.

Hash: 077d9bd01a60e7f18b70055f50d32659c9b6a479

Looks like your password was not leaked. Hooray!

**minestrone** · 7 June 2012, 14:44

My Amazon account could have been turned over.

feckin idiots, whatever the form of the password it should be never be allowed to go out the DB again.

**MrMark** · 7 June 2012, 15:06

Originally posted by Sockpuppet View Post

Looks like mine hasn't been leaked. LinkedIn was on the "generic" list which just got the same password as it wasn't important.

These days salting really should be made mandatory.

Yep, salt the hash, but also make sure it varies for each record.
Plus enforce a few rules - eg 8 chars minimum, at least 1 digit + uppercase + symbol...

**MrMark** · 7 June 2012, 15:08

Originally posted by Diver View Post

Just checked the passwords for linkedin and all of my credit and debit cards, Bank accounts, Paypal, ebay and Amazon.

None of them are on there so no need to change any of them

I for one found this hilarious... there are some people would have meant it tho.

**Sysman** · 7 June 2012, 15:39

Originally posted by MrMark View Post

Plus enforce a few rules - eg 8 chars minimum, at least 1 digit + uppercase + symbol...

Which means that "Passw0rd!" is OK, but "correct horse battery staple" isn't.

It's madness, I tell ya!

P.S. Windows Server 2008 Active Directory wants 3 out of 4 of your criteria by default. "Passw0rd" does that.

**Bunk** · 7 June 2012, 15:48

Originally posted by Sysman View Post

Which means that "Passw0rd!" is OK, but "correct horse battery staple" isn't.

It's madness, I tell ya!

P.S. Windows Server 2008 Active Directory wants 3 out of 4 of your criteria by default. "Passw0rd" does that.

I bet "correct horse battery staple" is now a fairly common password, especially on tech sites.

LeakedIn.org - check if your password was leaked

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Partners

Advertisers

Contractor Services

CUK News

LeakedIn.org - check if your password was leaked

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Partners

Advertisers

Contractor Services

CUK News

Tag Cloud